RhostsAuthentication + nondefault port doesn't work?

Pekka Savola pekkas at netcore.fi
Tue Oct 31 06:17:28 EST 2000 

Hello all,

It seems that RhostsAuthentication does not work on non-default port no
matter what when connecting from OpenSSH (2.1.1, 2.2.0 tried) either with
protocol 1 or protocol 2 (shouldn't work either..).

_However_ when connecting with SSH.COM Ltd's ssh, RhostsAuthentication
works just fine!

Checking the port number of ssh client you can see that OpenSSH doesn't
assign privileged port for this, but SSH Ltd's ssh does. Connecting to
port 22 works with OpenSSH too.

Is this a feature?  If so, I wonder why?


A little configuration and log:
--- sshd_config ---
IgnoreRhosts yes
#IgnoreUserKnownHosts yes
RhostsAuthentication yes
RhostsRSAAuthentication yes
RSAAuthentication yes
---

--- .ssh/config ---
Protocol 1
RhostsAuthentication yes
---

--- sshd log when connecting w/ OpenSSH ---
Connection from x.y.z.w port 4624		<---- NOTE PORT NUMBER!
debug1: Client protocol version 1.5; client software version
OpenSSH_2.2.0p1
debug1: match: OpenSSH_2.2.0p1 pat ^OpenSSH_2\.2
debug1: Local version string SSH-1.99-OpenSSH_2.3.0p1
debug1: Sent 768 bit public key and 1024 bit host key.
debug1: Encryption type: blowfish
debug1: Received session key; encryption turned on.
debug1: Installing crc compensation attack detector.
debug1: Starting up PAM with username "pekkas"
debug1: Attempting authentication for pekkas.
[ trying password entries ... ]
---

--- 
connection from a.b.c.d port 1005
debug1: Client protocol version 1.5; client software version 1.2.25
debug1: no match: 1.2.25
debug1: Local version string SSH-1.99-OpenSSH_2.3.0p1
debug1: Sent 768 bit public key and 1024 bit host key.
debug1: Encryption type: blowfish
debug1: Received session key; encryption turned on.
debug1: Installing crc compensation attack detector.
debug1: Starting up PAM with username "pekkas"
debug1: Attempting authentication for pekkas.
Failed rhosts for pekkas from a.b.c.d port 1005 ruser pjsavol3
debug1: Trying rhosts with RSA host authentication for client user pjsavol3
Failed rhosts-rsa for pekkas from a.b.c.d port 1005 ruser pjsavol3
---

-- 
Pekka Savola                 "Tell me of difficulties surmounted, 
Pekka.Savola at netcore.fi      not those you stumble over and fall"

More information about the openssh-unix-dev mailing list